| Commit message (Collapse) | Author | Age | Files | Lines |
| |
reduce the possibility of a side-channel attack leaking the private key.
Suggested by Keegan Ryan at NCC Group.
With input from and ok jsing
| |
the possibility of a side-channel attack leaking the private key.
Suggested by Keegan Ryan at NCC Group.
With input from and ok tb@
| |
Requested by and ok tb@
| |
to occur once and not be repeated if the signature generation has to be
repeated.
ok tb@
| |
In the very unlikely case where we have to repeat the signature generation,
the DSA_SIG return value has already been allocated. This will either
result in a leak when we allocate again on the next iteration, or it
will give a false success (with missing signature values) if any error
occurs on the next iteration.
ok tb@
| |
ok beck@ tb@
| |
ok beck@ tb@
| |
| |
This is caused by an attempt to do fast modular arithmetic, which
introduces branches that leak information regarding secret values.
Issue identified and reported by Keegan Ryan of NCC Group.
ok beck@ tb@
| |
| |
by Guido Vranken to OpenSSL (https://github.com/openssl/openssl/pull/6457)
and based on his diff. suggestions from tb@, ok tb@ jsing@
"During key agreement in a TLS handshake using a DH(E) based ciphersuite a
malicious server can send a very large prime value to the client. This will
cause the client to spend an unreasonably long period of time generating a key
for this prime resulting in a hang until the client has finished. This could be
exploited in a Denial Of Service attack."
| |
| |
From Dmitry Eremin-Solenikov <dbaryshkov at gmail dot com>.
| |
UI_method_get_flusher(), UI_method_get_opener(),
UI_method_get_prompt_constructor(), UI_method_get_reader(), and
UI_method_get_writer().
tested in a bulk build by sthen
ok jsing
| |
BIO_meth_get_callback_ctrl, BIO_meth_get_create, BIO_meth_get_ctrl,
BIO_meth_get_destroy, BIO_meth_get_gets, BIO_meth_get_puts,
BIO_meth_get_read, and BIO_meth_get_write.
ok jsing
| |
a little:
Use X509_get0_pubkey() in place of X509_get_pubkey() and EVP_PKEY_free().
Check return value of the former in the appropriate place and simplify the
logic for dealing with the potentially NULL pkey argument (includes a neat
tweak from jsing). Finally, kill an ugly comment that has been rotting for
twenty years and merge the lines around it.
tested in a bulk build by sthen
ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
X509_NAME_get_index_by_{OBJ,NID}().
tested in a bulk build by sthen
suggested by & ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
tested in a bulk build by sthen
ok bcook, jsing
| |
to do it a second time by hand, badly. While here, do some style cleanup.
This incomplete list of function pointers appears in EVP_PKEY_asn1_copy()
as well, fix it by adding sig_print to the members copied over.
ok bcook
| |
to the argument of UI_create_method(3). Adjust the manual.
| |
to the ASN1_OBJECT argument of X509_NAME_add_entry_by_OBJ(3).
Adjust the manual.
| |
to the input argument of ASN1_STRING_to_UTF8(3). Adjust the manual.
| |
to the input argument of i2o_ECPublicKey(3). Adjust the manual.
| |
to both arguments of X509_check_private_key(3). Adjust the manual.
| |
tb@ added const qualifiers to the pointer arguments of some X509_get_ext*(3)
and X509_REVOKED_get_ext*(3) functions. Adjust the manual.
| |
tb@ added a const qualifier to the X509_NAME argument of these output
functions. Adjust the manual.
| |
tb@ added const qualifiers to some arguments of X509_NAME read accessors.
Adjust the manual.
| |
to the X509_NAME_ENTRY argument of X509_NAME_add_entry(3) and in
x509.h rev. 1.55 2018/05/18 18:02:07 to the "bytes" argument of
X509_NAME_add_entry_by_OBJ(3) and X509_NAME_add_entry_by_NID(3).
Adjust the manual.
| |
added const qualifiers to some arguments of some X509_NAME_ENTRY functions.
Adjust the manual.
| |
to one argument each of X509_EXTENSION_set_object(3)
and X509_EXTENSION_get_critical(3). Adjust the manual.
| |
^^^^^
tested in a bulk build by sthen
ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
Tested in a bulk build by sthen
ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
X509V3_get_d2i() and X509V3_extensions_print(), and one to the 'title'
argument of the latter function.
tested in a bulk build by sthen
ok jsing
| |
one to the last argument of each one of i2s_ASN1_OCTET_STRING(),
s2i_ASN1_OCTET_STRING(), i2s_ASN1_INTEGER(), i2s_ASN1_ENUMERATED(),
and i2s_ASN1_ENUMERATED_TABLE().
tested in a bulk build by sthen
ok jsing
| |
Sprinkle a few spaces after commas while there. Omitted from
earlier commit to reduce noise in the diff.
| |
X509V3_get_value_bool(), X509V3_add_value_bool_nf(),
X509V3_get_value_int(), X509V3_get_string(), X509V3_get_section()
are now const.
While there, remove a stupid cast and two redundant checks.
tested in a bulk build by sthen
ok jsing
| |
X509_get_ext(3), X509_get_ext_by_NID(3), X509_get_ext_by_OBJ(3),
X509_get_ext_by_critical(3), X509_get_ext_count(3), X509_get_ext_d2i(3).
tested in a bulk by sthen
ok jsing
| |
tested in a bulk build by sthen
input & ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
X509_TRUST_get0_name(3), X509_TRUST_get_flags(3), and X509_TRUST_get_trust(3).
tested in a bulk build by sthen
ok jsing
| |
X509_REVOKED_get_ext(3), X509_REVOKED_get_ext_count(3),
X509_REVOKED_get_ext_by_NID(3), X509_REVOKED_get_ext_by_OBJ(3),
X509_REVOKED_get_ext_by_critical(3), X509_REVOKED_get_ext_d2i(3).
tested in a bulk build by sthen
ok jsing
| |
arguments of X509_PURPOSE_add(3), X509_PURPOSE_get0_name(3),
X509_PURPOSE_get0_sname(3), X509_PURPOSE_get_by_sname(3),
X509_PURPOSE_get_id(3), X509_PURPOSE_get_trust(3).
tested in a bulk build by sthen
ok jsing
| |
X509_NAME_print{,_ex{,_fp}}(3).
tested in a bulk build by sthen
ok jsing
| |
tested in a bulk build by sthen
ok jsing
| |
tested in a bulk by sthen
ok jsing